99217d678ab22780cb0c0fe5e09b9308728a4deb9f245d7335aebb37d41207f9

Analysis

max time kernel
150s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
22/05/2024, 09:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

66cfc81d343d0e0fb68c9d3a3b4161c6_JaffaCakes118.html
Size

64KB
MD5

66cfc81d343d0e0fb68c9d3a3b4161c6
SHA1

b3f3b13ec0a596e41c2efb9e908f1e41000c2a5b
SHA256

99217d678ab22780cb0c0fe5e09b9308728a4deb9f245d7335aebb37d41207f9
SHA512

ac7b300a70d2839500a324260ce7ec15db39dfc750fd782e8afc90fc9fb9f079b941cf8d8bdde1ba51331186b911d83ac6ee56b298b658243e916581f2aa60a7
SSDEEP

1536:X5WkADkAmckABKQ+ZkAXhTcr0IPGNMxZPdJXxPTQakAkPvFShnWTpUQojcRqNL4D:XEkADkAZkAIDZkARTcr0uGNMxZPdJXxS

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3012	msedge.exe
3012	msedge.exe
388	msedge.exe
388	msedge.exe
4384	identity_helper.exe
4384	identity_helper.exe
4036	msedge.exe
4036	msedge.exe
4036	msedge.exe
4036	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe
388	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 388 wrote to memory of 624	388	msedge.exe	84
PID 388 wrote to memory of 624	388	msedge.exe	84
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3312	388	msedge.exe	85
PID 388 wrote to memory of 3012	388	msedge.exe	86
PID 388 wrote to memory of 3012	388	msedge.exe	86
PID 388 wrote to memory of 2164	388	msedge.exe	87
PID 388 wrote to memory of 2164	388	msedge.exe	87
PID 388 wrote to memory of 2164	388	msedge.exe	87
PID 388 wrote to memory of 2164	388	msedge.exe	87
PID 388 wrote to memory of 2164	388	msedge.exe	87
PID 388 wrote to memory of 2164	388	msedge.exe	87
PID 388 wrote to memory of 2164	388	msedge.exe	87
PID 388 wrote to memory of 2164	388	msedge.exe	87
PID 388 wrote to memory of 2164	388	msedge.exe	87
PID 388 wrote to memory of 2164	388	msedge.exe	87
PID 388 wrote to memory of 2164	388	msedge.exe	87
PID 388 wrote to memory of 2164	388	msedge.exe	87
PID 388 wrote to memory of 2164	388	msedge.exe	87
PID 388 wrote to memory of 2164	388	msedge.exe	87
PID 388 wrote to memory of 2164	388	msedge.exe	87
PID 388 wrote to memory of 2164	388	msedge.exe	87
PID 388 wrote to memory of 2164	388	msedge.exe	87
PID 388 wrote to memory of 2164	388	msedge.exe	87
PID 388 wrote to memory of 2164	388	msedge.exe	87
PID 388 wrote to memory of 2164	388	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\66cfc81d343d0e0fb68c9d3a3b4161c6_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffffc5d46f8,0x7ffffc5d4708,0x7ffffc5d4718
  2⤵
  PID:624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,16638980157997700096,7751230244023272679,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2196 /prefetch:2
  2⤵
  PID:3312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2188,16638980157997700096,7751230244023272679,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2188,16638980157997700096,7751230244023272679,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2884 /prefetch:8
  2⤵
  PID:2164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16638980157997700096,7751230244023272679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:2024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16638980157997700096,7751230244023272679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:4624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16638980157997700096,7751230244023272679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4792 /prefetch:1
  2⤵
  PID:2544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16638980157997700096,7751230244023272679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4740 /prefetch:1
  2⤵
  PID:4420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16638980157997700096,7751230244023272679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4812 /prefetch:1
  2⤵
  PID:1976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16638980157997700096,7751230244023272679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
  2⤵
  PID:4996
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,16638980157997700096,7751230244023272679,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5580 /prefetch:8
  2⤵
  PID:1844
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,16638980157997700096,7751230244023272679,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5580 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16638980157997700096,7751230244023272679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1
  2⤵
  PID:2208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16638980157997700096,7751230244023272679,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5928 /prefetch:1
  2⤵
  PID:4608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16638980157997700096,7751230244023272679,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4204 /prefetch:1
  2⤵
  PID:1208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,16638980157997700096,7751230244023272679,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4832 /prefetch:1
  2⤵
  PID:1520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,16638980157997700096,7751230244023272679,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6124 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4036

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2136

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4864

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2daa93382bba07cbc40af372d30ec576

SHA1
c5e709dc3e2e4df2ff841fbde3e30170e7428a94

SHA256
1826d2a57b1938c148bf212a47d947ed1bfb26cfc55868931f843ee438117f30

SHA512
65635cb59c81548a9ef8fdb0942331e7f3cd0c30ce1d4dba48aed72dbb27b06511a55d2aeaadfadbbb4b7cb4b2e2772bbabba9603b3f7d9c8b9e4a7fbf3d6b6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ecdc2754d7d2ae862272153aa9b9ca6e

SHA1
c19bed1c6e1c998b9fa93298639ad7961339147d

SHA256
a13d791473f836edcab0e93451ce7b7182efbbc54261b2b5644d319e047a00a7

SHA512
cd4fb81317d540f8b15f1495a381bb6f0f129b8923a7c06e4b5cf777d2625c30304aee6cc68aa20479e08d84e5030b43fbe93e479602400334dfdd7297f702f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
4ba5342abf3b3008eecf9ec75db7e0fd

SHA1
58a5fdacace84640e43fef72c1dc7dbb618db705

SHA256
361678e41b70ce32b66e00ce66f355823c97233529c24d6c155cc57b7e87f711

SHA512
420eb19a1c1494c3f16e890ba53d59be3fc1a30a7deca2ac96f31745425c0ea9fc10bd68b911e859d50060b48d961f631d3f2b7e19896c56c8f5346c88d4a600

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
c01192cdd97feb0183d2c5e4da34989c

SHA1
18d109835e4c2b6075a7666d333916323c16cfbf

SHA256
f9c4259608deb5b8a1b2c9e0b62e7dc0146a035e360a55b1b39d067f6bcc0917

SHA512
47328bf3722b36b6067ce20338d1b5c3e17a5185e3f35a0cca65d2484612f7fc53b539a6bd72cb3c8c34e6f481247fe0565da80da6f635acbc3a56594b253a0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
c914fd7aadf18b7f9b85953d7d228691

SHA1
dfb437bbfac0324c06802143b4880da3505e373f

SHA256
251e5383eca3658874807daa9fcdb8092bfec41287b6e1abb02eafb49de2093f

SHA512
be5cf42d80824d05e4705643959326ecd31468bcd32193d4b6241d615dbc980ac40407117ef658128504279ee68e1e84b53e731b1ce41b227a3c9ee293a6c1a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a9c69794340fc4066cba147bb347810f

SHA1
10861e835b636e6e2ca57f0dea89062de529a7be

SHA256
a459ced70f0a4a06657fa963226be229cb076b4b6d82e7a5a20b8755fa36a18b

SHA512
2dd4b10ec964fbfbd7b990b54e16c7440c28629a1e905a45cc8dd2f2149cb013ec5a9d3074f888a844e5115397234a38c486728c68dd0cde8ff2221e70822551

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
4899ba3d4320adf972e7744f4944860b

SHA1
55d62845cc081a78a37d1c9d4f63fc4c6c9d486a

SHA256
533e3e744e6b44f2eeb66313a1fc55096a1d2bc196302177cd4628c69c0da86e

SHA512
caa78cde34f543d1239b6686f089aaf94d24b7f9c07cb4d54c2c52c39c12ca70bd18f1c1a86f1fdc1cb4a72ef5164a6aa4a832a817d801ffa441bb4e7ea39edf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
1c6c6a53a7ec5a699f8a4838fc1e4c08

SHA1
603a8523b6ce149f524cab386ca751ed5bfce4a1

SHA256
7c24689004d068de3c2953135b6724d074ddcaa9f4f251b70be1f5e765bd3e1c

SHA512
4461009f81c46152cf9d4b2ca04e6227b7cd3d22d1f7f95cd80f13fc892a4df585d146df576c495e0de2ada956edaa72bc5c8d9f75b470b61a3de99ff6411afe

Download Submit